1. Field of the Invention
The present invention generally relates to the data processing field, and more particularly, the present invention relates to an access request authentication method, an authorization information generating method, an access request authentication system and a hardware device.
2. Description of the Related Art
Authorization is a process allowing specific users to access specific devices, including specific information on the devices. Authenticating the authorization can rule out those unauthorized accesses. Controlling access rights serves two types of purposes: one is to safeguard the security of items, to prevent them from being stolen or destroyed by others; the other is to protect information security, e.g., on some devices being stored large amount of information involving individual privacy, trade secrets etc. There are many traditional methods for authenticating an access request to a device, including using a traditional lock, or using a traditional password lock, etc.
However, traditional device authorization management has many defects. For example, when using a traditional lock to perform device management, if a plurality of visitors are to access the device, then either a plurality of copies of the traditional key should be made, or the same key should be passed on among the plurality of visitors. Using the former method will not only cause potential safety hazards, but it also makes it difficult to manage access to the device according to the access time; using the latter method may cause loss of the key and may incur high cost of key management.
Rights management of some current devices is by a password lock, and the device can only be accessed by the people who input the right password. However, the current password lock cannot distinguish between people. That is to say, if several people are to access the device at different times, these people will obtain the same access password, which thus is not conducive for rights management, nor for distinguishing between the periods of responsibility of respective visitors. Currently, the passwords of some password locks can be changed constantly. Each time before being visited, the device will communicate with the management center to obtain the current valid password. This solution needs the device to be networked, and is not suitable for devices which may work offline.